ITSK 34133423 ECommerce

1
ITSK 3413/3423E-Commerce

• Lecture 7
• ASP Web Forms (WDD Ch 4)
• Payment Methods (EC Chapter 12)

2
Agenda

• ASP Web Forms
• E-Payments
• Motivation
• Options
• Credit Cards
• Electronic Cash
• Wallets
• Smart Cards
• SET

3
ASP Web Forms

• From last lecture
• Can mix ASP form elements w/ old HTML form
  elements
• ViewState information saved during client-server
  round trips (compressed encrypted)
• Easy validation and error messages!

4
runatserver

• Creates an HTML server control
• Must be well formed
• Must use closing tag or trailing slash
• Include the following attributes
• id (names the object)
• This is different from the name attribute!
• OnServerClick (event handler for click)
• OnServerChange (event handler for change)

5
HTML Server Controls vs.Web Server Controls

• HTML server controls
• Add the runat attribute
• Nearly identical to the HTML element
• Web server controls
• Uses aspCONTROL tag
• Provide more capability
• Well stick with Web server controls

6
A Sample Form

• Ask user for personal information
• Name
• Address
• E-mail
• Date of Birth
• Password
• Credit card

7
Regular Expressions

• - beginning of string
• h will match hello but not ohio
• - end of string
• b will match crib but not bed
• n matches repeats of preceding
• a2 matches aa, baah, but not eat
• \d matches any digit
• \d will match 1, 2, 3, etc.
• specifies range
• 0-9a-z will match any alphanumeric

8
Regular Expressions (cont)

• \d3-\d3-\d4
• Matches 3 digits followed by - and three more
  digits followed by - and four digits
• Does not allow other characters before or after

9
Intermission
10
Think About Your Purchases

• Who do you trust?
• Where will you not do business?
• How do you make purchases?

11
Motivation

• Billions of dollars moving around the world
• All kinds of transactions
• Micropayments (few cents)
• Mid-range purchases (10-1000)
• High-end (gt 1000)
• Business-to-Business (thousands)

12
Motivation

• Want payment methods that are
• Safe
• Convenient
• Widely accepted
• Technology could be great
• Consumers have to buy into the idea

13
Credit Cards

• Currently, approximately 80 of on-line purchases
  are done with credit cards
• But many people dont trust this method
• Why not?

14
Credit Defined

• Trust
• Reputation
• Reputation-enabled power
• Amount of money available for purchases
• Risk taking

15
History of Credit

• Dates back to Levitical laws (3000 BC)
• Stores in America began issuing credit at the end
  of the 19th century
• Universally-accepted cards didnt appear until
  1950s

16
Credit Transaction Anatomy
1
Buyer
Merchant
5

• Make purchase
• Charge account
• Credit account
• Bill
• Pay
• Credit account

BuyersBank
2
4
6
BuyersCredit Company
Merchants Bank
3
17
Debit Card Transaction Anatomy
1
Buyer
Merchant

• Make purchase
• Charge account
• Credit account

2
BuyersBank
3
Merchants Bank
18
Why Credit?

• Makes purchases easier
• The credit company is validating that you are
  able to make the purchase
• Limits liability (50) and increases buyers
  recourse in event of problem
• Credit company receives 3 of sale 25-75 cents
  per transaction fee

19
But 3 Adds Up!

• Ive made 540 for the credit company this year
• They have to deal with transaction costs
• But as a merchant, are you willing to deal with
  the overhead for 0.50 purchases?

20
Electronic Cash

• Many purchases are micropurchases
• Newspapers
• Cokes
• Fax service
• McDonalds, Wendys, etc
• The overhead in processing the credit card
  transaction is a hindrance

21
E-Cash Requirements

• Should only be spent once
• Anonymity
• Must not rely upon proprietary formats
• Should be free floating
• Offer convenience

22
The E-Cash Process

• Consumer goes to an e-cash issuing bank and
  establishes an account
• Transfers real money into e-cash (fee?)
• Consumer sends e-cash to merchant
• Merchant validates the e-cash at issuing bank
• Merchant deposits e-cash when purchase complete
  (delivered)

23
Wallets

• Consumers get tired of filling out who am I
  forms with credit card, shipping, personal
  information
• Up to 65 of sales are lost at the checkout
  stage of an e-purchase
• Why not automatically fill in web forms with this?

24
Wallets

• Store personal information on client machine
• Name
• Shipping Address(es)
• Credit Card Info
• Phone Number(s)

25
Smart Cards

• Used in ATL during the 96 Olympics
• Similar to a VISA card
• Basis was debit
• Vendors included
• Fast food
• Malls
• Restaurants

26
Smart Cards

• Encrypted 10 Kb of information
• Widely used in Europe
• Not a big hit in the US
• Lack of consumer acceptance
• Lack of common readers at merchants store

27
SET

• Why should merchant know your credit card
  information?
• All the merchant really needs is validation that
  you are able to pay
• SET provides purchase authentication without
  revealing unnecessary information

28
SET Architecture

• Protocol for transmitting encrypted payment
  information
• Uses dual digital signatures for authentication

29
Keeping Info Where Its Needed
Message to Bank
Message to Merchant
PKBank
PKMerchant
Final Message
30
Wireless Technologies

• Seen IBMs buy a coke with a cell phone add?
• Embed signaling devices into merchant machines
  consumer electronics
• Validate transaction without merchant being
  involved (using token technology)

31
Concluding Remarks

• Store info on client side encrypted
• Store info on server side encrypted
• Purge identifying information after transaction
  is completed
• Validate input (credit card check sum)
• Inform buyer at all times (privacy policy)

32
Have a Great Weekend!